Microsoft frames long-overdue Windows changes as ‘reaffirming our long-standing approach’

Here are the first two paragraphs of a recent post on the Windows blog:

“Today we’re reaffirming our long-standing approach to put people in control of their Windows PC experience and to empower developers to take advantage of our open platform.

We want to ensure that people are in control of what gets pinned to their Desktop, their Start menu and their Taskbar as well as to be able to control their default applications such as their default browser through consistent, clear and trustworthy Windows provided system dialogs and settings.”

These changes are very welcome, and appear to resolve some particularly annoying Windows behaviours that users have been complaining about for decades.

But for Microsoft to frame these much-needed fixes as “we’ve always done this, and now we’re just making sure” is rather amusing. Come on guys, admitting mistakes is healthy. Are you saying these issues are new? Because they’re not. Are you saying you were unaware of these issues? I doubt that very much, because people have been complaining about them for years. No, this is just Microsoft public relations attempting to revise history.

What Microsoft is conveniently leaving out is that the worst offenses of this kind (reverting user settings, pinning and unpinning shortcuts, changing default applications, etc.) have always been committed by Microsoft. For example, Windows Update had a very annoying tendency to revert the default web browser to Internet Explorer.

Microsoft has of course run into legal trouble for some of these behaviours. It seems clear that reverting a user’s default web browser to a Microsoft browser in the process of updating the operating system is unfair to competitors. And Microsoft has been forced to stop doing some of those things.

Anyway, here’s hoping that Microsoft truly is committed, now, to avoiding such devious — and incredibly annoying — practices.

What is a VPN?

VPN stands for Virtual Private Network. It is a technology that creates a secure and encrypted connection between two points on the internet. This connection is established by using VPN client software on a device that connects to a VPN server, typically located in a different geographic location.

When a user connects to a VPN server, the user’s device becomes part of the private network established by the VPN server. This allows the user to access the internet as if they were physically located in the same location as the VPN server.

The primary benefit of using a VPN is that it provides a secure and private connection, which is especially important when accessing sensitive information, such as financial data or personal information, over public Wi-Fi networks or when accessing geo-restricted content. It also helps to protect against hackers, identity theft, and other online threats by masking the user’s IP address and encrypting their internet traffic.

(Ed: written by ChatGPT; verified by jrivett.)

What is a worm?

In computing, a worm is a type of malicious software (malware) that replicates itself and spreads to other computers or networks without the need for human interaction. Unlike viruses, worms do not require a host program to attach themselves to, and can propagate independently through computer networks, usually by exploiting vulnerabilities in operating systems or other software.

Once a worm infects a computer, it can perform various malicious actions, such as stealing sensitive data, sending spam emails, launching distributed denial-of-service (DDoS) attacks, or installing additional malware. Worms can also consume a large amount of network bandwidth, causing network slowdowns or outages.

To protect against worms, it’s important to keep software up-to-date with the latest security patches, use antivirus software, and avoid downloading or opening suspicious attachments or links in emails.

(Ed: written by ChatGPT; verified by jrivett.)

What is authorization?

Authorization is the process of determining whether an entity or user is allowed to access a particular resource or perform a specific action within a system or application. In other words, it’s the process of verifying that a user has the necessary permissions to access a particular resource or perform a particular action.

Authorization typically involves checking the identity of the user, as well as their access credentials and permissions, against a set of access control rules. These rules may be defined within the application or system itself, or they may be defined in an external authorization server or policy engine.

Authorization is an important part of security in computer systems and is often used in conjunction with authentication, which is the process of verifying the identity of a user. Together, authentication and authorization ensure that only authorized users are able to access sensitive information and perform critical actions within a system.

(Ed: written by ChatGPT; verified by jrivett.)

What is authentication?

Authentication is the process of verifying the identity of a user or system attempting to access a particular resource, service, or application. It is the first line of defense against unauthorized access to information and resources.

Authentication typically involves presenting credentials, such as a username and password, to a system, which then verifies that the credentials match an authorized user or system. Other authentication methods can include biometric authentication, such as fingerprint or facial recognition, or the use of security tokens or smart cards.

Once a user or system has been successfully authenticated, they are granted access to the resource or service they are trying to access. Authentication is a critical component of security in any system, as it ensures that only authorized users are able to access sensitive information and resources.

(Ed: written by ChatGPT; verified by jrivett.)

What is spyware?

Spyware is a type of malicious software designed to gather sensitive information from a computer system without the user’s knowledge or consent. This information can include personal information such as passwords, credit card numbers, and online browsing habits, as well as system information such as installed software and hardware specifications. Spyware can be installed on a computer through a variety of means, such as email attachments, infected websites, and bundled software. Some spyware is designed to monitor a user’s activities for advertising purposes, while others are used for more malicious purposes such as identity theft and financial fraud. Spyware can cause a number of problems for a computer user, including decreased system performance, slow internet speeds, and a loss of privacy. It is important to protect your computer from spyware by using anti-virus software and avoiding downloading suspicious files from the internet.

(Ed: written by ChatGPT; verified by jrivett.)

What is a proxy?

A proxy is a server or computer that acts as an intermediary between a user and the internet. Proxies can be used for a variety of purposes, such as to improve network performance, to access blocked websites, or to protect a user’s identity and location. For example, a user can connect to a proxy server, which will then make requests on the user’s behalf and return the results to the user. This can help to hide the user’s IP address and location from the websites they are accessing.

(Ed: written by ChatGPT; verified and posted by jrivett)

What is Javascript?

JavaScript is a programming language that is primarily used to create interactive and dynamic websites. It is a client-side scripting language, which means that the code is executed on the user’s computer rather than on the server. JavaScript can be used to create things like drop-down menus, pop-ups, and interactive forms. It can also be used to create complex web applications and can be used in conjunction with other technologies such as HTML and CSS.

(Ed: written by ChatGPT; verified by jrivett.)

ChatGPT: experiments in writing

As I’m sure you’ve noticed by now, I’m using ChatGPT to generate some posts defining computing terms. I’m labeling them all clearly as generated text, but I’m also checking them carefully before posting.

Checking ChatGPT’s output is extremely important, because one can be lulled into believing that the program knows what it’s talking about. The text it generates always sounds authoritative, even when it’s horribly wrong. And it’s wrong more often that you might imagine.

Note: I’m not going to call ChatGPT an Artificial Intelligence (AI), because it’s nothing of the kind. It’s just a program that is able to generate believable-sounding text, regardless of its accuracy, based on analysis of a crapload of content written by humans. True AI will include this particular skill, just as it will include the ability to play chess, to generate art, to drive cars, to make quick decisions based on unpredictable circumstances, and many thousands more specific skills that humans possess.

A recent post at Futurism does a nice job of providing real-world examples of a mainstream news site (CNET) using ChatGPT to generate articles that sound fine, but include serious errors. In this case, the publisher did not initially identify the generated articles as being from ChatGPT, and while I can understand their reluctance, I think that was a bad call.

The risks of depending on ChatGPT are enumerated in this post from KnowBe4:

  • A big downside to ChatGPT is that its sources are unknown, meaning the creators themselves may not even know where the answers it produces come from. This often leads to incorrect information being given.
  • The concerning thing about this flaw is that the inaccuracies are tough to notice, especially because it sounds confident but can really be utter nonsense.
  • You cannot use ChatGPT to find out if text has been written by ChatGPT. There is no antidote.
  • It cannot detect scams. ChatGpt is a natural language processing tool that can answer questions and generate text based on the input it receives, but it does not have the ability to detect scams or other fraudulent activities.

Meanwhile, when I asked ChatGPT “Can ChatGPT’s writing be relied upon as accurate?” it responded as follows:

ChatGPT is a machine learning model and its accuracy is based on the data it was trained on. It can provide accurate information and responses to a wide range of questions and prompts, but it may not always be completely accurate or up-to-date. It’s always a good idea to verify any information provided by ChatGPT with additional sources.

What is a vulnerability?

A vulnerability is a weakness or gap in a system’s security that can be exploited by an attacker to gain unauthorized access or perform malicious actions. It can refer to a flaw in software, hardware, or a combination of both, that can be exploited to compromise the confidentiality, integrity, or availability of a system or its data. Vulnerabilities can be discovered through various means such as penetration testing, code reviews, or by being reported by external parties.

(Ed: written by ChatGPT; verified by jrivett.)

Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.